package io.gitee.zicai.sba.config

import de.codecentric.boot.admin.server.config.AdminServerProperties
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

/**
 * SecuritySecureConfig
 * @author zicai
 * @since 2019-12-06
 */
@Configuration
open class SecuritySecureConfig : WebSecurityConfigurerAdapter() {

    @Autowired
    private lateinit var adminServerProperties: AdminServerProperties

    override fun configure(http: HttpSecurity) {
        val adminContextPath = adminServerProperties.contextPath
        val successHandler = SavedRequestAwareAuthenticationSuccessHandler().also { it.setTargetUrlParameter("redirectTo") }
        http.authorizeRequests()
                .antMatchers("$adminContextPath/assets/**").permitAll()
                .antMatchers("$adminContextPath/login").permitAll()
                // 自身的健康检查
                .antMatchers("/actuator/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin().loginPage("$adminContextPath/login").successHandler(successHandler)
                // .and()
                // .logout().logoutUrl("$adminContextPath/logout")
                .and()
                .httpBasic()
                .and()
                .csrf().disable()
    }
}